Zyxel-communications Internet Security Gateway ZyWALL 2 Series Uživatelský manuál Strana 289
- Strana / 614
- Tabulka s obsahem
- ŘEŠENÍ PROBLÉMŮ
- KNIHY
Hodnocené. / 5. Na základě hodnocení zákazníků
ZyWALL 2 Series User’s Guide
Remote Management Screens 17-3
data), authentication (one party can identify the other party) and data integrity (you know if data has been
changed).
It relies upon certificates, public keys, and private keys (see the Certificates chapter for more information).
HTTPS on the ZyWALL is used so that you may securely access the ZyWALL using the web configurator.
The SSL protocol specifies that the SSL server (the ZyWALL) must always authenticate itself to the SSL
client (the computer which requests the HTTPS connection with the ZyWALL), whereas the SSL client only
should authenticate itself when the SSL server requires it to do so (select Authenticate Client Certificates in
the REMOTE MGMT, WWW screen). Authenticate Client Certificates is optional and if selected means
the SSL-client must send the ZyWALL a certificate. You must apply for a certificate for the browser from a
CA that is a trusted CA on the ZyWALL.
Please refer to the following figure.
1. HTTPS connection requests from an SSL-aware web browser go to port 443 (by default) on the
ZyWALL’s WS (web server).
2. HTTP connection requests from a web browser go to port 80 (by default) on the ZyWALL’s WS
(web server).
Figure 17-1 HTTPS Implementation
- ZyWALL 2 Series 1
- Copyright 2
- Interference Statement 3
- Caution 4
- ZyXEL Limited Warranty 5
- Customer Support 6
- Table of Contents 7
- List of Figures 15
- List of Tables 22
- Preface 26
- Graphics Icons Key 27
- Part I: 29
- Chapter 1 31
- Getting to Know Your ZyWALL 31
- 1.2.1 Physical Features 32
- 1.2.2 Non-Physical Features 32
- RoadRunner Support 36
- Logging and Tracing 36
- Upgrade ZyWALL Firmware 36
- Chapter 2 39
- 2.3 Resetting the ZyWALL 40
- LINK TAB FUNCTION 42
- Chapter 3 47
- Wizard Setup 47
- 3.3 Internet Access 48
- 3.3.2 PPPoE Encapsulation 50
- 3.3.3 PPTP Encapsulation 52
- 3.4 WAN and DNS 54
- 3.4.4 WAN MAC Address 56
- 3.5 Basic Setup Complete 58
- Wizard Setup 3-13 59
- Part II: 61
- Chapter 4 63
- System Screens 63
- 4-2 System 64
- 4.3 Dynamic DNS 65
- 4.4 Configuring Dynamic DNS 65
- 4.5 Configuring Password 67
- 4.7 Configuring Time Setting 69
- System 4-9 71
- Table 4-5 Time Setting 71
- Chapter 5 73
- LAN Screens 73
- 5.5 LAN TCP/IP 74
- 5.6 Configuring IP 75
- Figure 5-1 IP 76
- Table 5-1 IP 76
- LAN 5-5 77
- 5.7 Configuring Static DHCP 78
- 5.8 Configuring IP Alias 79
- 5-8 LAN 80
- LAN 5-9 81
- Table 5-3 IP Alias 81
- Part III: 83
- Chapter 6 85
- WAN Screens 85
- 6.4 Configuring Route 86
- 6.5 Configuring WAN ISP 87
- 6.5.2 PPPoE Encapsulation 89
- 6.5.3 PPTP Encapsulation 91
- 6.6 Configuring WAN IP 93
- 6.8 Traffic Redirect 98
- ZyWALL 2 Series User’s Guide 100
- Figure 6-9 Traffic Redirect 100
- Table 6-8 Traffic Redirect 100
- 6.11 Advanced Modem Setup 106
- 6.11.3 Response Strings 107
- Table 6-10 Advanced Setup 108
- Chapter 7 111
- Wireless LAN Screens 111
- 7-2 Wireless LAN Screens 112
- 7.3 Wireless Security 113
- 7-4 Wireless LAN Screens 114
- Table 7-1 Wireless 115
- 7.5 Configuring MAC Filter 116
- 7.6 802.1x Overview 117
- 7-8 Wireless LAN Screens 118
- 7.7 Local User Database 119
- 7.8 Configuring 802.1X 119
- 7-10 Wireless LAN Screens 120
- Part IV: 121
- Chapter 8 123
- 8.1.3 How NAT Works 124
- 8.1.4 NAT Application 125
- 8.1.5 NAT Mapping Types 125
- 8.2 Using NAT 126
- 8.3 SUA Server 127
- IP address 128
- 8.4 Configuring SUA Server 129
- Configuring Address Mapping 132
- LABEL DESCRIPTION 135
- 8-14 NAT 136
- Table 8-7 Trigger Port 136
- Chapter 9 137
- Static Route Screens 137
- 9-4 Static Route Screens 140
- Part V: 141
- Chapter 10 143
- Firewalls 143
- 10.4 Denial of Service 145
- 10.4.2 Types of DoS Attacks 146
- 5 REDIRECT 148
- 13 TIMESTAMP_REQUEST 148
- 14 TIMESTAMP_REPLY 148
- 17 ADDRESS_MASK_REQUEST 148
- 18 ADDRESS_MASK_REPLY 148
- 10.5 Stateful Inspection 149
- 10.5.3 TCP Security 152
- 10.5.4 UDP/ICMP Security 152
- 10.5.5 Upper Layer Protocols 153
- 10.7.1 Packet Filtering: 154
- 10.7.2 Firewall 154
- Chapter 11 157
- Firewall Screens 157
- 11.3 Rule Logic Overview 158
- Service 159
- Source Address 159
- Destination Address 159
- 11.4.1 LAN to WAN Rules 160
- 11.4.2 WAN to LAN Rules 160
- 11.5 Alerts 161
- 11.6 Configuring Firewall 161
- Firewall Screens 11-7 163
- Firewall Screens 11-9 165
- 11-10 Firewall Screens 166
- Address 168
- 11-14 Firewall Screens 170
- 11.8 Predefined Services 174
- Firewall Screens 11-19 175
- 11.9.1 Threshold Values 177
- 11.9.2 Half-Open Sessions 177
- Firewall Screens 11-23 179
- Table 11-6 Attack Alert 179
- Chapter 12 181
- Content Filtering Screens 181
- Part VI: 199
- Chapter 13 201
- Introduction to IPSec 201
- 13.1.4 VPN Applications 202
- 13.2 IPSec Architecture 203
- 13.3 Encapsulation 204
- 13.4 IPSec and NAT 205
- Chapter 14 207
- VPN Screens 207
- 14.3 My IP Address 208
- 14.4 Secure Gateway Address 208
- 14.5 Summary Screen 209
- 14.6 Keep Alive 211
- 14.7 NAT Traversal 212
- 14.7.3 Remote DNS Server 213
- 14.8 ID Type and Content 214
- 14.9 Pre-Shared Key 216
- 14.10 VPN Implementation 216
- 14-12 VPN Screens 218
- VPN Screens 14-13 219
- 14-14 VPN Screens 220
- VPN Screens 14-15 221
- 14-16 VPN Screens 222
- VPN Screens 14-17 223
- 14-18 VPN Screens 224
- VPN Screens 14-19 225
- 14-20 VPN Screens 226
- 14.12 IKE Phases 227
- 14.12.1 X-Auth and IKE 229
- 14.12.2 Negotiation Mode 229
- 14.12.3 Pre-Shared Key 229
- DESCRIPTION 231
- 14.14 Manual Key Setup 234
- 14-30 VPN Screens 236
- Table 14-9 VPN Manual Setup 236
- VPN Screens 14-31 237
- 14-32 VPN Screens 238
- 14.16 SA Monitor 239
- 14.17 Global Settings 240
- Part VII: 245
- Chapter 15 247
- Certificates 247
- 15.3 Configuration Summary 248
- 15.4 My Certificates 249
- 15-4 Certificates 250
- Table 15-1 My Certificates 250
- 15.7 Creating a Certificate 253
- 15-8 Certificates 254
- Certificates 15-9 255
- 15.8 My Certificate Details 256
- Certificates 15-11 257
- 15-12 Certificates 258
- Certificates 15-13 259
- 15.9 Trusted CAs 260
- 15-18 Certificates 264
- Certificates 15-19 265
- 15-20 Certificates 266
- 15.12 Trusted Remote Hosts 267
- 15-26 Certificates 272
- Certificates 15-27 273
- 15-28 Certificates 274
- 15.16 Directory Servers 275
- Certificates 15-31 277
- Part VIII: 279
- Chapter 16 281
- Authentication Server 281
- 16-2 Authentication Server 282
- 16.4 Configuring RADIUS 283
- Authentication Server 16-5 285
- Table 16-2 RADIUS 285
- Chapter 17 287
- Remote Management Screens 287
- 17.2 Introduction to HTTPS 288
- 17.3 Configuring WWW 290
- Table 17-1 WWW 291
- 17.4 HTTPS Example 292
- 17.4.4 Login Screen 295
- 17.5 SSH Overview 299
- 17.6 How SSH works 300
- 17.8 Configuring SSH 301
- 17.9.2 Example 2: Linux 303
- 17.11 Telnet 305
- 17.12 Configuring TELNET 306
- 17.13 Configuring FTP 307
- 17.14 Configuring SNMP 308
- 17.14.1 Supported MIBs 310
- 17.14.2 SNMP Traps 310
- 17.15 Configuring DNS 312
- 17.16 Configuring Security 314
- Table 17-8 Security 315
- Chapter 18 317
- 18.2 UPnP Implementation 318
- 18.3 Configuring UPnP 318
- DESCRIPTION 319
- Part IX: 327
- Chapter 19 329
- Logs Screens 329
- 19-4 Log Screens 332
- Figure 19-2 Log Settings 332
- Log Screens 19-5 333
- Table 19-2 Log Settings 333
- 19.3 Configuring Reports 334
- 19.3.1 Viewing Web Site Hits 336
- 19.3.2 Viewing Protocol/Port 337
- Part X: 341
- Chapter 20 343
- Maintenance 343
- 20.3 DHCP Table Screen 346
- 20.4 F/W Upload Screen 347
- 20.5 Configuration Screen 349
- 20.5.1 Backup Configuration 350
- 20.6 Restart Screen 353
- Part XI: 355
- Chapter 21 357
- Introducing the SMT 357
- 21.2.2 Entering the Password 358
- 21.3.1 Main Menu 359
- Menu 15.2 361
- Port Forwarding Setup 361
- Menu 24.2.2 361
- System Maintenance 361
- Change Console Port Speed 361
- Chapter 22 363
- SMT Menu 1 - General Setup 363
- Chapter 23 367
- WAN and Dial Backup Setup 367
- 23.2 Dial Backup 368
- 23.4 Advanced WAN Setup 369
- 23.6 Editing PPP Options 374
- 23.7 Editing TCP/IP Options 375
- 23.8 Editing Login Script 377
- 23.9 Remote Node Filter 378
- Chapter 24 381
- LAN Setup 381
- 2. TCP/IP and DHCP Setup 382
- 24.4.1 IP Alias Setup 384
- IP Alias 1, 2 385
- 24.5 Wireless LAN Setup 386
- Chapter 25 391
- Internet Access 391
- 25-2 Internet Access 392
- 25.3 PPTP Encapsulation 393
- 25.4 PPPoE Encapsulation 394
- 25.5 Basic Setup Complete 395
- Part XII: 397
- Chapter 26 399
- Remote Node Setup 399
- 26.2.2 PPPoE Encapsulation 401
- Nailed-Up Connection 402
- 26.2.3 PPTP Encapsulation 404
- 26.3 Edit IP 405
- 26-8 Remote Node Setup 406
- 26.4 Remote Node Filter 407
- 26.5 Traffic Redirect 408
- 26-12 Remote Node Setup 410
- Remote Node Setup 26-13 411
- Chapter 27 413
- IP Static Route Setup 413
- Chapter 28 415
- 28.2 NAT Setup 417
- 28.2.1 Address Mapping Sets 418
- Ordering Your Rules 420
- 28.4 General NAT Examples 423
- 28.4.1 Internet Access Only 424
- 192.168.1.10 427
- 10.132.50.1 427
- 192.168.1.12 430
- 10.132.20.3 430
- Chapter 29 435
- Introducing the Firewall 435
- Active: Yes 436
- Chapter 30 437
- Filter Configuration 437
- Filter Structure 438
- Filter Rule 439
- Filter Set 439
- 1. Filter Setup 440
- Len Length 442
- 30-8 Filter Configuration 444
- Filter Configuration 30-9 445
- 30-10 Filter Configuration 446
- FIELD DESCRIPTION OPTIONS 447
- 30-12 Filter Configuration 448
- 30.3 Example Filter 449
- 30.4 Filter Types and NAT 452
- 30.6 Applying a Filter 453
- Chapter 31 455
- SNMP Configuration 455
- 31.2 SNMP Traps 456
- Part XIII: 457
- Chapter 32 459
- FIELD DESCRIPTION 460
- 32.3.1 System Information 462
- 32.4 Log and Trace 463
- 32.4.1 UNIX Syslog 464
- PARAMETER DESCRIPTION 465
- 32.4.3 Diagnostic 467
- 32.4.4 WAN DHCP 468
- Chapter 33 471
- 33.3 Backup Configuration 472
- 33.3.1 Backup Configuration 473
- 33.3.4 GUI-based FTP Clients 474
- 33.3.7 TFTP Command Example 476
- Choose the Xmodem protocol 477
- Then click Receive 477
- 33.4 Restore Configuration 478
- Then click Send 480
- 33.5.1 Firmware File Upload 481
- 33.5.5 TFTP File Upload 483
- ZyWALL 2 User’s Guide 488
- Chapter 34 489
- 34.1.1 Command Syntax 490
- 34.1.2 Command Usage 490
- 34.2 Call Control Support 491
- 34.2.2 Call History 492
- 34.3 Time and Date Setting 493
- 10. Time and Date Setting 494
- 34.3.1 Resetting the Time 495
- Chapter 35 497
- Remote Management 497
- FIELD DESCRIPTION EXAMPLE 499
- Part XIV: 501
- Chapter 36 503
- Call Scheduling 503
- Chapter 37 507
- VPN/IPSec Setup 507
- 37.2 IPSec Summary Screen 508
- VPN/IPSec Setup 37-3 509
- 37-4 VPN/IPSec Setup 510
- 37.3 IPSec Setup 511
- VPN/IPSec Setup 37-7 513
- 37-8 VPN/IPSec Setup 514
- VPN/IPSec Setup 37-9 515
- 37-10 VPN/IPSec Setup 516
- 37.4 IKE Setup 517
- VPN/IPSec Setup 37-13 519
- 37.5 Manual Setup 520
- 37-16 VPN/IPSec Setup 522
- Chapter 38 523
- SA Monitor 523
- 38-2 SA Monitor 524
- Part XV: 525
- Appendix A 527
- Troubleshooting 527
- Appendix B 531
- Windows 2000/NT/XP 534
- Appendix C 543
- Triangle Route 543
- Appendix D 547
- Appendix E 551
- Client computer 552
- Appendix F 553
- Types of EAP Authentication 553
- Appendix G 555
- Appendix H 557
- Call Connection 558
- PPP Data Connection 559
- Appendix I 561
- IP Subnetting 561
- I-8 IP Subnetting 568
- Appendix J 569
- Part XVI: 571
- Appendix K 573
- Command Interpreter 573
- Appendix L 575
- Firewall Commands 575
- L-2 Firewall Commands 576
- Chart L-1 Firewall Commands 576
- Firewall Commands L-3 577
- L-4 Firewall Commands 578
- Firewall Commands L-5 579
- L-6 Firewall Commands 580
- Appendix M 581
- NetBIOS Filter Commands 581
- Command: 583
- Appendix N 585
- Boot Commands 585
- Appendix O 587
- Log Descriptions 587
- Log Descriptions O-13 599
- Displaying Logs 603
- Appendix P 605
- Protection 605
- Appendix Q 607
Související produkty a manuály pro Hardware Zyxel-communications Internet Security Gateway ZyWALL 2 Series
(124 stránky)
(133 stránky)© 2020, manymanuals.cz. Všechna práva vyhrazena. | 0.033 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce